Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
JUNXIAZHANG
Beginner
Beginner

Which patch version need to download for RSA Authentication Manager version 8.2.1 to address DSA-2018-213

Jump to solution

I received an email from RSA product team regarding  about DSA-2018-213  for

CVE Identifier:  CVE-2018-3191, CVE-2018-3197, CVE-2018-3245, CVE-2018-3252, CVE-2018-3246, CVE-2018-3149, CVE-2018-3180

According to email,  affected products are:

  • RSA Authentication Manager 8.3 Patch 4 and earlier
  • RSA Authentication Manager web-tier server 8.3 Patch 4 and earlier

RSA recommended to upgrade to

  • RSA Authentication Manager 8.3 Patch 5 and later
  • RSA Authentication Manager web-tier server 8.3 Patch 5 and later

 

My question is we are using Authentication Manager 8.2.1 and which patch we need to download to address that problem?. Do we need to upgrade to 8.3 and apply the recommended patch?

 

Thank you in advance.

Junxia.

Labels (1)
0 Likes
1 Solution

Accepted Solutions
IvanBatovic
Occasional Contributor Occasional Contributor
Occasional Contributor

Hi Junxia, 

That is correct, you will need to upgrade to RSA AM 8.3 followed by the installation of RSA AM 8.3 Patch 5. 

https://community.rsa.com/community/products/securid/authentication-manager-83/downloads 

Regards

Ivan

View solution in original post

3 Replies
IvanBatovic
Occasional Contributor Occasional Contributor
Occasional Contributor

Hi Junxia, 

That is correct, you will need to upgrade to RSA AM 8.3 followed by the installation of RSA AM 8.3 Patch 5. 

https://community.rsa.com/community/products/securid/authentication-manager-83/downloads 

Regards

Ivan

JUNXIAZHANG
Beginner
Beginner

Thank you for your info

0 Likes
JUNXIAZHANG
Beginner
Beginner

Hi RSA Team,

 

Thank you for the previous reply. I need further clarification for this.

 

1. Our RSA AM version is 8.2.1 and do we need to install RSA AM 8.2 SP1 before upgrading to 8.3. I would like to know the exact upgrading path to RSA AM 8.3 patch 5 from RSA AM 8.2.1.

 

2. Our deployment include 1 primary appliances and 2 replicas. Can I upgrade primary to version 8.3 first and upgrade the replicas one by one?

 

3. Our deployment include some agents and we already deploy the Authentication Manager configuration file sdconf.rec to those agents. My question is do we need to recreate AM_Config.zip using RSA AM 8.3 and redeploy Authentication Manager configuration file on those agents after upgrading?.

 

4. Will there be any service disruption during the upgrading process?

 

Regards,

 

Junxia

0 Likes